On Wed, Jun 26, 2019 at 12:42:06PM +0200, viktor babrian wrote: > when performing a wps pbc session, credential either contains the psk > or the passphrase. I case of hostapd, this depends only on the config > (whether wpa_passphrase or wpa_psk is specified (later)). This > behavior correlates with comments found in the code, e.g. in wps.h, > near the definition of network_key. > > However if AP is set up using wpa_supplicant, wps cred is always > passed containing the generated or specified psk. To my understanding, > this is caused by that the wpa_supplicant always passes psk if it is > set in wpa_supplicant_conf_ap() in ap.c. In wpa_supplicant psk is > generated every time passphrase is set/changed, so psk is always set. > I changed wpa_supplicant_conf_ap() so that passphrase gets passed if > set (see below). Can anybody confirm ? I have just read the code, I do > not know anything of the original intentions etc. Providing PSK to the Enrollees is the preferred option if the Enrollee is known not to have use for the passphrase (e.g., share it with another device) since use of PSK instead of passphrase saves CPU. The original reason for this design was to use the device capabilities (whether the Enrollee indicates it has a display), but the main current use is in preferring to use PSK for all the P2P cases since the passphrase is likely to be a random temporary value for the group. The changes here would seem to break that design. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
